Asus SL1000 User Manual
Page 8
Copyright 2006, ASUSTek Computer, Inc.
Page
5
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http server enable
http 192.168.1.10 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set set1 esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 3600
crypto map toSL1000 20 ipsec-isakmp
crypto map toSL1000 20 match address SL1000
crypto map toSL1000 20 set peer 10.64.2.145
crypto map toSL1000 20 set transform-set set1
crypto map toSL1000 interface outside
isakmp enable outside
isakmp key ******** address 10.64.2.145 netmask 255.255.255.0
isakmp identity address
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash sha
isakmp policy 20 group 2
isakmp policy 20 lifetime 3600
telnet timeout 5
ssh timeout 5
console timeout 0
terminal width 80
Cryptochecksum:8213208c43a8ad0a01202a9686af3ed4
Figure 3.2 Verify VPN configurations on the PIX firewall